Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/04/13 2:27 a.m.4 views

undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter

A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid servermaxwindowbits parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate,...

7.5CVSS7.1AI score0.00874EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/04/09 1:38 p.m.8 views

undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter

A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid servermaxwindowbits parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate,...

7.5CVSS7.2AI score0.00874EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/03/12 10:23 p.m.4 views

CVE-2026-2229

A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid servermaxwindowbits parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate,...

7.5CVSS5.7AI score0.00874EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-25065

Name of the Vulnerable Software and Affected Versions undici versions prior to 7.24.0 Description The undici WebSocket client is susceptible to a denial-of-service condition due to unrestricted memory usage during permessage-deflate decompression. When a WebSocket connection utilizes the...

7.5CVSS7.1AI score0.0115EPSS
Exploits0References226
Rows per page
Query Builder